head 1.7; access; symbols OPENPKG_E1_MP_HEAD:1.3 OPENPKG_E1_MP:1.3 OPENPKG_E1_MP_2_STABLE:1.2.8.1 OPENPKG_E1_FP:1.2.8.1 OPENPKG_2_STABLE_MP:1.4 OPENPKG_2_STABLE_20061018:1.2.8.1 OPENPKG_2_STABLE_20060622:1.2 OPENPKG_2_STABLE:1.2.0.8 OPENPKG_2_STABLE_BP:1.2 OPENPKG_2_5_RELEASE:1.2 OPENPKG_2_5_SOLID:1.2.0.6 OPENPKG_2_5_SOLID_BP:1.2 OPENPKG_2_4_RELEASE:1.2 OPENPKG_2_4_SOLID:1.2.0.4 OPENPKG_2_4_SOLID_BP:1.2 OPENPKG_CW_FP:1.2 OPENPKG_2_3_RELEASE:1.2 OPENPKG_2_3_SOLID:1.2.0.2 OPENPKG_2_3_SOLID_BP:1.2 OPENPKG_2_2_RELEASE:1.1 OPENPKG_2_2_SOLID:1.1.0.10 OPENPKG_2_2_SOLID_BP:1.1 OPENPKG_2_1_RELEASE:1.1 OPENPKG_2_1_SOLID:1.1.0.8 OPENPKG_2_1_SOLID_BP:1.1 OPENPKG_2_0_RELEASE:1.1 OPENPKG_2_0_SOLID:1.1.0.6 OPENPKG_2_0_SOLID_BP:1.1 OPENPKG_1_2_SOLID:1.1.0.4 OPENPKG_1_3_RELEASE:1.1.2.1 OPENPKG_1_3_SOLID:1.1.2.1.0.2 OPENPKG_1_3_SOLID_BP:1.1.2.1 OPENPKG_1_STABLE:1.1.0.2 OPENPKG_1_STABLE_MP:1.1; locks; strict; comment @# @; 1.7 date 2009.07.12.09.50.47; author rse; state Exp; branches; next 1.6; commitid cJ3JNi9S9AjbdpVt; 1.6 date 2009.07.12.09.04.29; author rse; state Exp; branches; next 1.5; commitid mwbzgRUE0bvhXoVt; 1.5 date 2008.04.02.08.29.47; author rse; state Exp; branches; next 1.4; commitid 70zbnbscrPp5KvXs; 1.4 date 2007.01.06.20.45.50; author rse; state Exp; branches; next 1.3; commitid FY7GrCI53l4jlu1s; 1.3 date 2006.10.07.10.00.58; author rse; state Exp; branches; next 1.2; commitid n3xr8ekxBDB9HJPr; 1.2 date 2005.02.16.16.16.47; author rse; state Exp; branches 1.2.2.1 1.2.4.1 1.2.6.1 1.2.8.1; next 1.1; 1.1 date 2003.07.01.15.36.59; author rse; state Exp; branches 1.1.2.1 1.1.4.1 1.1.8.1 1.1.10.1; next ; 1.2.2.1 date 2006.02.19.11.35.15; author rse; state Exp; branches; next ; commitid KOXJgSNG5vXdCbmr; 1.2.4.1 date 2006.02.19.11.28.10; author rse; state Exp; branches; next ; commitid b2db7MW7QkVMzbmr; 1.2.6.1 date 2006.02.19.11.10.14; author rse; state Exp; branches; next ; commitid 69q7gtqmzUwDtbmr; 1.2.8.1 date 2006.10.07.10.14.23; author rse; state Exp; branches; next 1.2.8.2; commitid hcIQcq4R3yW6MJPr; 1.2.8.2 date 2007.02.06.08.43.32; author rse; state Exp; branches; next ; commitid PFqVZq8HqyoOlp5s; 1.1.2.1 date 2003.07.24.20.45.06; author rse; state Exp; branches; next ; 1.1.4.1 date 2003.10.30.09.14.25; author rse; state Exp; branches; next ; 1.1.8.1 date 2004.10.28.19.42.07; author rse; state Exp; branches; next ; 1.1.10.1 date 2004.10.28.19.38.12; author rse; state Exp; branches; next ; desc @@ 1.7 log @allow building against OSSP uuid @ text @Index: src/Makefile.shlib --- src/Makefile.shlib.orig 2009-01-05 10:27:19 +0100 +++ src/Makefile.shlib 2009-07-12 11:40:16 +0200 @@@@ -339,7 +339,7 @@@@ .PHONY: all-lib all-static-lib all-shared-lib -all-lib: all-shared-lib +all-lib: ifdef soname # no static library when building a dynamically loadable module all-lib: all-static-lib Index: src/backend/Makefile --- src/backend/Makefile.orig 2009-01-01 18:23:34 +0100 +++ src/backend/Makefile 2009-07-12 11:40:16 +0200 @@@@ -32,7 +32,7 @@@@ LIBS := $(filter-out -lpgport, $(LIBS)) $(LDAP_LIBS_BE) # The backend doesn't need everything that's in LIBS, however -LIBS := $(filter-out -lz -lreadline -ledit -ltermcap -lncurses -lcurses, $(LIBS)) +LIBS := $(filter-out -lreadline -ledit -ltermcap -lncurses -lcurses, $(LIBS)) ########################################################################## Index: src/include/port.h --- src/include/port.h.orig 2009-06-11 16:49:08 +0200 +++ src/include/port.h 2009-07-12 11:40:16 +0200 @@@@ -360,7 +360,7 @@@@ extern int getopt(int nargc, char *const * nargv, const char *ostr); #endif -#ifndef HAVE_ISINF +#if !defined(HAVE_ISINF) && !defined(__FreeBSD__) extern int isinf(double x); #endif Index: src/makefiles/Makefile.freebsd --- src/makefiles/Makefile.freebsd.orig 2008-11-14 11:22:47 +0100 +++ src/makefiles/Makefile.freebsd 2009-07-12 11:41:40 +0200 @@@@ -16,7 +16,7 @@@@ %.so: %.o ifdef ELF_SYSTEM - $(CC) $(CFLAGS) -shared -o $@@ $< + $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@@ $< $(SHLIB_LINK) else $(LD) $(LDREL) $(LDOUT) $<.obj -x $< @@echo building shared object $@@ Index: src/makefiles/Makefile.linux --- src/makefiles/Makefile.linux.orig 2008-11-14 11:22:47 +0100 +++ src/makefiles/Makefile.linux 2009-07-12 11:42:16 +0200 @@@@ -11,4 +11,4 @@@@ endif %.so: %.o - $(CC) $(CFLAGS) -shared -o $@@ $< + $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@@ $< $(SHLIB_LINK) Index: src/makefiles/Makefile.solaris --- src/makefiles/Makefile.solaris.orig 2009-07-12 11:40:16 +0200 +++ src/makefiles/Makefile.solaris 2009-07-12 11:42:07 +0200 @@@@ -18,7 +18,7 @@@@ %.so: %.o ifeq ($(GCC), yes) - $(CC) $(CFLAGS) -shared -o $@@ $< + $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@@ $< $(SHLIB_LINK) else $(CC) $(CFLAGS) -G -o $@@ $< endif @ 1.6 log @upgrading package: postgresql 8.3.7 -> 8.4.0 @ text @d3 1 a3 1 +++ src/Makefile.shlib 2009-07-12 10:25:42 +0200 d15 1 a15 1 +++ src/backend/Makefile 2009-07-12 10:25:01 +0200 d27 1 a27 1 +++ src/include/port.h 2009-07-12 10:25:01 +0200 d37 33 @ 1.5 log @finally upgrade to PostgreSQL 8.3 @ text @d1 12 d14 3 a16 3 --- src/backend/Makefile.orig 2007-08-21 03:11:12 +0200 +++ src/backend/Makefile 2007-10-09 12:37:14 +0200 @@@@ -30,7 +30,7 @@@@ d26 3 a28 3 --- src/include/port.h.orig 2007-09-29 00:25:49 +0200 +++ src/include/port.h 2007-10-09 12:30:19 +0200 @@@@ -329,7 +329,7 @@@@ @ 1.4 log @Upgrade OpenPKG-CURRENT from PostgreSQL 8.1 to 8.2 world order: - *CREATED* -> postgresql81-8.1.6 - postgresql-8.1.6 -> postgresql82-8.2.1 - postgresql82-8.2.1 -> *REMOVED* @ text @d1 5 a5 5 Index: src/template/freebsd --- src/template/freebsd.orig 2006-03-11 05:38:41 +0100 +++ src/template/freebsd 2006-11-20 20:54:27 +0100 @@@@ -1,5 +1,5 @@@@ # $PostgreSQL: pgsql/src/template/freebsd,v 1.35 2006/03/11 04:38:41 momjian Exp $ d7 17 a23 9 case $host_cpu in - alpha*) CFLAGS="-O";; # alpha has problems with -O2 + alpha*) CFLAGS=`echo "x$CFLAGS" | sed -e 's;^x;;' -e 's;-O2;-O;'`;; # alpha has problems with -O2 esac Index: src/template/linux --- src/template/linux.orig 2006-03-11 05:38:41 +0100 +++ src/template/linux 2006-11-20 20:54:27 +0100 @@@@ -1,4 +1,4 @@@@ # $PostgreSQL: pgsql/src/template/linux,v 1.28 2006/03/11 04:38:41 momjian Exp $ a24 3 # Force _GNU_SOURCE on; plperl is broken with Perl 5.8.0 otherwise -CPPFLAGS="-D_GNU_SOURCE" +CPPFLAGS="$CPPFLAGS -D_GNU_SOURCE" @ 1.3 log @A small patch to allow DSO-based PostgreSQL extensions to be more flexible by providing initialization and finishing hooks. This patch was contributed by Ralf S. Engelschall to the upstream vendor in August 2006 and taken over by the upstream vendor for inclusion into the next major PostgreSQL release. http://groups.google.com/group/pgsql.hackers/browse_frm/thread/ce7858f865a6fecd/19a3f052656f3a69?tvc=1&q=PG_init#19a3f052656f3a69 PS: This allows my OSSP uuid's PostgreSQL extension to finally do the Right Thing ;-) @ text @d1 5 a5 12 Remove lorder(1) and tsort(1) stuff, because it is not needed on modern systems and makes problems under some platforms (e.g. older Linux). --- src/Makefile.global.in.orig Thu Sep 5 00:54:18 2002 +++ src/Makefile.global.in Tue Jul 1 17:17:25 2003 @@@@ -193,7 +193,7 @@@@ LDREL = -r LDOUT = -o RANLIB = @@RANLIB@@ -LORDER = @@LORDER@@ +MK_NO_LORDER= true X = @@EXEEXT@@ a6 38 # Perl --- src/makefiles/Makefile.freebsd.orig Wed Aug 29 21:14:40 2001 +++ src/makefiles/Makefile.freebsd Tue Jul 1 17:23:00 2003 @@@@ -16,7 +16,7 @@@@ $(LD) $(LDREL) $(LDOUT) $<.obj -x $< @@echo building shared object $@@ @@rm -f $@@.pic - @@${AR} cq $@@.pic `lorder $<.obj | tsort` + @@${AR} cq $@@.pic ${RANLIB} $@@.pic @@rm -f $@@ $(LD) -x -Bshareable -Bforcearchive -o $@@ $@@.pic --- src/makefiles/Makefile.openbsd.orig Wed Aug 29 21:14:40 2001 +++ src/makefiles/Makefile.openbsd Tue Jul 1 17:23:12 2003 @@@@ -16,7 +16,7 @@@@ $(LD) $(LDREL) $(LDOUT) $<.obj -x $< @@echo building shared object $@@ @@rm -f $@@.pic - @@${AR} cq $@@.pic `lorder $<.obj | tsort` + @@${AR} cq $@@.pic ${RANLIB} $@@.pic @@rm -f $@@ $(LD) -x -Bshareable -Bforcearchive \ --- src/makefiles/Makefile.netbsd.orig Wed Aug 29 21:14:40 2001 +++ src/makefiles/Makefile.netbsd Tue Jul 1 17:23:39 2003 @@@@ -18,7 +18,7 @@@@ $(LD) $(LDREL) $(LDOUT) $<.obj -x $< @@echo building shared object $@@ @@rm -f $@@.pic - @@${AR} cq $@@.pic `lorder $<.obj | tsort` + @@${AR} cq $@@.pic ${RANLIB} $@@.pic @@rm -f $@@ $(LD) -x -Bshareable -Bforcearchive \ Index: src/template/freebsd --- src/template/freebsd.orig 2004-12-02 19:11:40.000000000 +0100 +++ src/template/freebsd 2005-02-16 17:09:09.617038264 +0100 @@@@ -1,3 +1,3 @@@@ d12 5 a16 3 --- src/template/linux.orig 2004-12-02 19:11:40.000000000 +0100 +++ src/template/linux 2005-02-16 17:08:13.160599508 +0100 @@@@ -1,2 +1,2 @@@@ a19 70 ----------------------------------------------------------------------------- A small patch to allow DSO-based PostgreSQL extensions to be more flexible by providing initialization and finishing hooks. This patch was contributed by Ralf S. Engelschall to the upstream vendor in August 2006 and taken over by the upstream vendor for inclusion into the next major PostgreSQL release. http://groups.google.com/group/pgsql.hackers/browse_frm/thread/ce7858f865a6fecd/19a3f052656f3a69?tvc=1&q=PG_init#19a3f052656f3a69 Index: src/backend/utils/fmgr/dfmgr.c --- src/backend/utils/fmgr/dfmgr.c.orig 2005-10-15 04:49:32 +0200 +++ src/backend/utils/fmgr/dfmgr.c 2006-10-07 11:53:58 +0200 @@@@ -60,6 +60,10 @@@@ static char *expand_dynamic_library_name(const char *name); static char *substitute_libpath_macro(const char *name); +/* types for PostgreSQL-specific DSO init/fini functions */ +typedef void (*PG_init_t)(void); +typedef void (*PG_fini_t)(void); + /* * Load the specified dynamic-link library file, and look for a function * named funcname in it. (funcname can be NULL to just load the file.) @@@@ -77,6 +81,7 @@@@ load_external_function(char *filename, char *funcname, bool signalNotFound, void **filehandle) { + PG_init_t *PG_init; DynamicFileList *file_scanner; PGFunction retval; char *load_error; @@@@ -146,6 +151,13 @@@@ fullname, load_error))); } + /* optionally give the DSO a chance to initialize by calling a + PostgreSQL-specific (and this way portable) "_PG_init" function + similar to what dlopen(3) implicitly does with "_init" on some + Unix platforms. */ + if ((PG_init = (PG_init_t *)pg_dlsym(file_scanner->handle, "_PG_init")) != NULL) + (*PG_init)(); + /* OK to link it into list */ if (file_list == NULL) file_list = file_scanner; @@@@ -187,6 +199,7 @@@@ void load_file(char *filename) { + PG_fini_t *PG_fini; DynamicFileList *file_scanner, *prv, *nxt; @@@@ -223,6 +236,14 @@@@ prv->next = nxt; else file_list = nxt; + + /* optionally give the DSO a chance to finish by calling + a PostgreSQL-specific (and this way portable) "_PG_fini" + function similar to what dlopen(3) implicitly does with + "_fini" on some Unix platforms. */ + if ((PG_fini = (PG_fini_t *)pg_dlsym(file_scanner->handle, "_PG_fini")) != NULL) + (*PG_fini)(); + clear_external_function_hash(file_scanner->handle); pg_dlclose(file_scanner->handle); free((char *) file_scanner); @ 1.2 log @fix build under Linux and FreeBSD/alpha @ text @d63 70 @ 1.2.8.1 log @MFC: pgcluster update; setproctitle option; DSO enhancements @ text @a62 70 ----------------------------------------------------------------------------- A small patch to allow DSO-based PostgreSQL extensions to be more flexible by providing initialization and finishing hooks. This patch was contributed by Ralf S. Engelschall to the upstream vendor in August 2006 and taken over by the upstream vendor for inclusion into the next major PostgreSQL release. http://groups.google.com/group/pgsql.hackers/browse_frm/thread/ce7858f865a6fecd/19a3f052656f3a69?tvc=1&q=PG_init#19a3f052656f3a69 Index: src/backend/utils/fmgr/dfmgr.c --- src/backend/utils/fmgr/dfmgr.c.orig 2005-10-15 04:49:32 +0200 +++ src/backend/utils/fmgr/dfmgr.c 2006-10-07 11:53:58 +0200 @@@@ -60,6 +60,10 @@@@ static char *expand_dynamic_library_name(const char *name); static char *substitute_libpath_macro(const char *name); +/* types for PostgreSQL-specific DSO init/fini functions */ +typedef void (*PG_init_t)(void); +typedef void (*PG_fini_t)(void); + /* * Load the specified dynamic-link library file, and look for a function * named funcname in it. (funcname can be NULL to just load the file.) @@@@ -77,6 +81,7 @@@@ load_external_function(char *filename, char *funcname, bool signalNotFound, void **filehandle) { + PG_init_t *PG_init; DynamicFileList *file_scanner; PGFunction retval; char *load_error; @@@@ -146,6 +151,13 @@@@ fullname, load_error))); } + /* optionally give the DSO a chance to initialize by calling a + PostgreSQL-specific (and this way portable) "_PG_init" function + similar to what dlopen(3) implicitly does with "_init" on some + Unix platforms. */ + if ((PG_init = (PG_init_t *)pg_dlsym(file_scanner->handle, "_PG_init")) != NULL) + (*PG_init)(); + /* OK to link it into list */ if (file_list == NULL) file_list = file_scanner; @@@@ -187,6 +199,7 @@@@ void load_file(char *filename) { + PG_fini_t *PG_fini; DynamicFileList *file_scanner, *prv, *nxt; @@@@ -223,6 +236,14 @@@@ prv->next = nxt; else file_list = nxt; + + /* optionally give the DSO a chance to finish by calling + a PostgreSQL-specific (and this way portable) "_PG_fini" + function similar to what dlopen(3) implicitly does with + "_fini" on some Unix platforms. */ + if ((PG_fini = (PG_fini_t *)pg_dlsym(file_scanner->handle, "_PG_fini")) != NULL) + (*PG_fini)(); + clear_external_function_hash(file_scanner->handle); pg_dlclose(file_scanner->handle); free((char *) file_scanner); @ 1.2.8.2 log @MFC security fixed version from CURRENT @ text @d1 47 d49 3 a51 5 --- src/template/freebsd.orig 2006-03-11 05:38:41 +0100 +++ src/template/freebsd 2006-11-20 20:54:27 +0100 @@@@ -1,5 +1,5 @@@@ # $PostgreSQL: pgsql/src/template/freebsd,v 1.35 2006/03/11 04:38:41 momjian Exp $ d57 3 a59 5 --- src/template/linux.orig 2006-03-11 05:38:41 +0100 +++ src/template/linux 2006-11-20 20:54:27 +0100 @@@@ -1,4 +1,4 @@@@ # $PostgreSQL: pgsql/src/template/linux,v 1.28 2006/03/11 04:38:41 momjian Exp $ d63 70 @ 1.2.2.1 log @Security Fixes (CVE-2006-0553) @ text @a62 89 ----------------------------------------------------------------------------- Security Fixes (CVE-2006-0553) Index: src/backend/utils/mb/encnames.c --- src/backend/utils/mb/encnames.c.orig 2004-12-04 19:19:31 +0100 +++ src/backend/utils/mb/encnames.c 2006-02-19 11:53:57 +0100 @@@@ -434,7 +434,7 @@@@ if (name == NULL || *name == '\0') return NULL; - if (strlen(name) > NAMEDATALEN) + if (strlen(name) >= NAMEDATALEN) { #ifdef FRONTEND fprintf(stderr, "encoding name too long\n"); Index: src/backend/utils/misc/guc.c --- src/backend/utils/misc/guc.c.orig 2005-01-01 06:43:08 +0100 +++ src/backend/utils/misc/guc.c 2006-02-19 11:53:57 +0100 @@@@ -44,6 +44,7 @@@@ #include "optimizer/prep.h" #include "parser/parse_expr.h" #include "parser/parse_relation.h" +#include "parser/scansup.h" #include "postmaster/bgwriter.h" #include "postmaster/syslogger.h" #include "postmaster/postmaster.h" @@@@ -1426,7 +1427,7 @@@@ {"client_encoding", PGC_USERSET, CLIENT_CONN_LOCALE, gettext_noop("Sets the client's character set encoding."), NULL, - GUC_REPORT + GUC_IS_NAME | GUC_REPORT }, &client_encoding_string, "SQL_ASCII", assign_client_encoding, NULL @@@@ -1506,7 +1507,8 @@@@ { {"default_tablespace", PGC_USERSET, CLIENT_CONN_STATEMENT, gettext_noop("Sets the default tablespace to create tables and indexes in."), - gettext_noop("An empty string selects the database's default tablespace.") + gettext_noop("An empty string selects the database's default tablespace."), + GUC_IS_NAME }, &default_tablespace, "", assign_default_tablespace, NULL @@@@ -1646,7 +1648,7 @@@@ {"server_encoding", PGC_INTERNAL, CLIENT_CONN_LOCALE, gettext_noop("Sets the server (database) character set encoding."), NULL, - GUC_REPORT | GUC_NOT_IN_SAMPLE | GUC_DISALLOW_IN_FILE + GUC_IS_NAME | GUC_REPORT | GUC_NOT_IN_SAMPLE | GUC_DISALLOW_IN_FILE }, &server_encoding_string, "SQL_ASCII", NULL, NULL @@@@ -1668,7 +1670,7 @@@@ {"session_authorization", PGC_USERSET, UNGROUPED, gettext_noop("Sets the session user name."), NULL, - GUC_REPORT | GUC_NO_SHOW_ALL | GUC_NO_RESET_ALL | GUC_NOT_IN_SAMPLE | GUC_DISALLOW_IN_FILE + GUC_IS_NAME | GUC_REPORT | GUC_NO_SHOW_ALL | GUC_NO_RESET_ALL | GUC_NOT_IN_SAMPLE | GUC_DISALLOW_IN_FILE }, &session_authorization_string, NULL, assign_session_authorization, show_session_authorization @@@@ -3647,6 +3649,12 @@@@ newval = guc_strdup(elevel, value); if (newval == NULL) return false; + /* + * The only sort of "parsing" check we need to do is + * apply truncation if GUC_IS_NAME. + */ + if (conf->gen.flags & GUC_IS_NAME) + truncate_identifier(newval, strlen(newval), true); } else if (conf->reset_val) { Index: src/include/utils/guc_tables.h --- src/include/utils/guc_tables.h.orig 2004-12-31 23:03:46 +0100 +++ src/include/utils/guc_tables.h 2006-02-19 11:53:57 +0100 @@@@ -125,6 +125,7 @@@@ #define GUC_DISALLOW_IN_FILE 0x0040 /* can't set in postgresql.conf */ #define GUC_CUSTOM_PLACEHOLDER 0x0080 /* placeholder for custom variable */ #define GUC_SUPERUSER_ONLY 0x0100 /* show only to superusers */ +#define GUC_IS_NAME 0x0200 /* limit string to NAMEDATALEN-1 */ /* bit values in status field */ #define GUC_HAVE_TENTATIVE 0x0001 /* tentative value is defined */ @ 1.2.4.1 log @Security Fixes (CVE-2006-0553) @ text @a62 89 ----------------------------------------------------------------------------- Security Fixes (CVE-2006-0553) Index: src/backend/utils/mb/encnames.c --- src/backend/utils/mb/encnames.c.orig 2004-12-04 19:19:31 +0100 +++ src/backend/utils/mb/encnames.c 2006-02-19 11:53:15 +0100 @@@@ -434,7 +434,7 @@@@ if (name == NULL || *name == '\0') return NULL; - if (strlen(name) > NAMEDATALEN) + if (strlen(name) >= NAMEDATALEN) { #ifdef FRONTEND fprintf(stderr, "encoding name too long\n"); Index: src/backend/utils/misc/guc.c --- src/backend/utils/misc/guc.c.orig 2005-03-25 17:17:38 +0100 +++ src/backend/utils/misc/guc.c 2006-02-19 11:53:15 +0100 @@@@ -44,6 +44,7 @@@@ #include "optimizer/prep.h" #include "parser/parse_expr.h" #include "parser/parse_relation.h" +#include "parser/scansup.h" #include "postmaster/bgwriter.h" #include "postmaster/syslogger.h" #include "postmaster/postmaster.h" @@@@ -1426,7 +1427,7 @@@@ {"client_encoding", PGC_USERSET, CLIENT_CONN_LOCALE, gettext_noop("Sets the client's character set encoding."), NULL, - GUC_REPORT + GUC_IS_NAME | GUC_REPORT }, &client_encoding_string, "SQL_ASCII", assign_client_encoding, NULL @@@@ -1506,7 +1507,8 @@@@ { {"default_tablespace", PGC_USERSET, CLIENT_CONN_STATEMENT, gettext_noop("Sets the default tablespace to create tables and indexes in."), - gettext_noop("An empty string selects the database's default tablespace.") + gettext_noop("An empty string selects the database's default tablespace."), + GUC_IS_NAME }, &default_tablespace, "", assign_default_tablespace, NULL @@@@ -1646,7 +1648,7 @@@@ {"server_encoding", PGC_INTERNAL, CLIENT_CONN_LOCALE, gettext_noop("Sets the server (database) character set encoding."), NULL, - GUC_REPORT | GUC_NOT_IN_SAMPLE | GUC_DISALLOW_IN_FILE + GUC_IS_NAME | GUC_REPORT | GUC_NOT_IN_SAMPLE | GUC_DISALLOW_IN_FILE }, &server_encoding_string, "SQL_ASCII", NULL, NULL @@@@ -1668,7 +1670,7 @@@@ {"session_authorization", PGC_USERSET, UNGROUPED, gettext_noop("Sets the session user name."), NULL, - GUC_REPORT | GUC_NO_SHOW_ALL | GUC_NO_RESET_ALL | GUC_NOT_IN_SAMPLE | GUC_DISALLOW_IN_FILE + GUC_IS_NAME | GUC_REPORT | GUC_NO_SHOW_ALL | GUC_NO_RESET_ALL | GUC_NOT_IN_SAMPLE | GUC_DISALLOW_IN_FILE }, &session_authorization_string, NULL, assign_session_authorization, show_session_authorization @@@@ -3647,6 +3649,12 @@@@ newval = guc_strdup(elevel, value); if (newval == NULL) return false; + /* + * The only sort of "parsing" check we need to do is + * apply truncation if GUC_IS_NAME. + */ + if (conf->gen.flags & GUC_IS_NAME) + truncate_identifier(newval, strlen(newval), true); } else if (conf->reset_val) { Index: src/include/utils/guc_tables.h --- src/include/utils/guc_tables.h.orig 2004-12-31 23:03:46 +0100 +++ src/include/utils/guc_tables.h 2006-02-19 11:53:15 +0100 @@@@ -125,6 +125,7 @@@@ #define GUC_DISALLOW_IN_FILE 0x0040 /* can't set in postgresql.conf */ #define GUC_CUSTOM_PLACEHOLDER 0x0080 /* placeholder for custom variable */ #define GUC_SUPERUSER_ONLY 0x0100 /* show only to superusers */ +#define GUC_IS_NAME 0x0200 /* limit string to NAMEDATALEN-1 */ /* bit values in status field */ #define GUC_HAVE_TENTATIVE 0x0001 /* tentative value is defined */ @ 1.2.6.1 log @Security Fixes (CVE-2006-0553) @ text @a62 89 ----------------------------------------------------------------------------- Security Fixes (CVE-2006-0553) Index: src/backend/utils/mb/encnames.c --- src/backend/utils/mb/encnames.c.orig 2004-12-04 19:19:31 +0100 +++ src/backend/utils/mb/encnames.c 2006-02-19 11:52:57 +0100 @@@@ -434,7 +434,7 @@@@ if (name == NULL || *name == '\0') return NULL; - if (strlen(name) > NAMEDATALEN) + if (strlen(name) >= NAMEDATALEN) { #ifdef FRONTEND fprintf(stderr, "encoding name too long\n"); Index: src/backend/utils/misc/guc.c --- src/backend/utils/misc/guc.c.orig 2005-03-25 17:17:38 +0100 +++ src/backend/utils/misc/guc.c 2006-02-19 11:52:57 +0100 @@@@ -44,6 +44,7 @@@@ #include "optimizer/prep.h" #include "parser/parse_expr.h" #include "parser/parse_relation.h" +#include "parser/scansup.h" #include "postmaster/bgwriter.h" #include "postmaster/syslogger.h" #include "postmaster/postmaster.h" @@@@ -1426,7 +1427,7 @@@@ {"client_encoding", PGC_USERSET, CLIENT_CONN_LOCALE, gettext_noop("Sets the client's character set encoding."), NULL, - GUC_REPORT + GUC_IS_NAME | GUC_REPORT }, &client_encoding_string, "SQL_ASCII", assign_client_encoding, NULL @@@@ -1506,7 +1507,8 @@@@ { {"default_tablespace", PGC_USERSET, CLIENT_CONN_STATEMENT, gettext_noop("Sets the default tablespace to create tables and indexes in."), - gettext_noop("An empty string selects the database's default tablespace.") + gettext_noop("An empty string selects the database's default tablespace."), + GUC_IS_NAME }, &default_tablespace, "", assign_default_tablespace, NULL @@@@ -1646,7 +1648,7 @@@@ {"server_encoding", PGC_INTERNAL, CLIENT_CONN_LOCALE, gettext_noop("Sets the server (database) character set encoding."), NULL, - GUC_REPORT | GUC_NOT_IN_SAMPLE | GUC_DISALLOW_IN_FILE + GUC_IS_NAME | GUC_REPORT | GUC_NOT_IN_SAMPLE | GUC_DISALLOW_IN_FILE }, &server_encoding_string, "SQL_ASCII", NULL, NULL @@@@ -1668,7 +1670,7 @@@@ {"session_authorization", PGC_USERSET, UNGROUPED, gettext_noop("Sets the session user name."), NULL, - GUC_REPORT | GUC_NO_SHOW_ALL | GUC_NO_RESET_ALL | GUC_NOT_IN_SAMPLE | GUC_DISALLOW_IN_FILE + GUC_IS_NAME | GUC_REPORT | GUC_NO_SHOW_ALL | GUC_NO_RESET_ALL | GUC_NOT_IN_SAMPLE | GUC_DISALLOW_IN_FILE }, &session_authorization_string, NULL, assign_session_authorization, show_session_authorization @@@@ -3647,6 +3649,12 @@@@ newval = guc_strdup(elevel, value); if (newval == NULL) return false; + /* + * The only sort of "parsing" check we need to do is + * apply truncation if GUC_IS_NAME. + */ + if (conf->gen.flags & GUC_IS_NAME) + truncate_identifier(newval, strlen(newval), true); } else if (conf->reset_val) { Index: src/include/utils/guc_tables.h --- src/include/utils/guc_tables.h.orig 2004-12-31 23:03:46 +0100 +++ src/include/utils/guc_tables.h 2006-02-19 11:52:57 +0100 @@@@ -125,6 +125,7 @@@@ #define GUC_DISALLOW_IN_FILE 0x0040 /* can't set in postgresql.conf */ #define GUC_CUSTOM_PLACEHOLDER 0x0080 /* placeholder for custom variable */ #define GUC_SUPERUSER_ONLY 0x0100 /* show only to superusers */ +#define GUC_IS_NAME 0x0200 /* limit string to NAMEDATALEN-1 */ /* bit values in status field */ #define GUC_HAVE_TENTATIVE 0x0001 /* tentative value is defined */ @ 1.1 log @attempt to get rid of problematic lorder(1) and tsort(1) stuff @ text @d48 15 @ 1.1.8.1 log @fix security bugs @ text @a47 86 ----------------------------------------------------------------------------- Security Fixes: o Avoid using temp files in /tmp in make_oidjoins_check This has been reported as a security issue, though it's hardly worthy of concern since there is no reason for non-developers to use this script anyway. o Disallow running pg_ctl as root This is to guard against any possible security issues. Index: contrib/findoidjoins/make_oidjoins_check --- contrib/findoidjoins/make_oidjoins_check 2002-09-05 21:57:32 +0200 +++ contrib/findoidjoins/make_oidjoins_check 2004-10-21 19:12:19 +0200 @@@@ -10,27 +10,32 @@@@ # Caution: you may need to use GNU awk. AWK=${AWK:-awk} -trap "rm -f /tmp/$$ /tmp/$$a /tmp/$$b" 0 1 2 3 15 +INPUTFILE="tmp$$a" +DUPSFILE="tmp$$b" +NONDUPSFILE="tmp$$c" +rm -f $INPUTFILE $DUPSFILE $NONDUPSFILE + +trap "rm -f $INPUTFILE $DUPSFILE $NONDUPSFILE" 0 1 2 3 15 # Read input -cat "$@@" >/tmp/$$ +cat "$@@" >$INPUTFILE # Look for fields with multiple references. -cat /tmp/$$ | cut -d' ' -f2 | sort | uniq -d >/tmp/$$a -if [ -s /tmp/$$a ] ; then +cat $INPUTFILE | cut -d' ' -f2 | sort | uniq -d >$DUPSFILE +if [ -s $DUPSFILE ] ; then echo "Ignoring these fields that link to multiple tables:" 1>&2 - cat /tmp/$$a 1>&2 + cat $DUPSFILE 1>&2 fi # Get the non-multiply-referenced fields. -cat /tmp/$$ | while read LINE +cat $INPUTFILE | while read LINE do set -- $LINE - grep "^$2\$" /tmp/$$a >/dev/null 2>&1 || echo $LINE -done >/tmp/$$b + grep "^$2\$" $DUPSFILE >/dev/null 2>&1 || echo $LINE +done >$NONDUPSFILE # Generate the output. -cat /tmp/$$b | +cat $NONDUPSFILE | $AWK -F'[ \.]' '\ BEGIN \ { Index: src/bin/pg_ctl/pg_ctl.sh --- src/bin/pg_ctl/pg_ctl.sh 2003-08-14 20:56:41 +0200 +++ src/bin/pg_ctl/pg_ctl.sh 2004-10-22 02:24:27 +0200 @@@@ -111,6 +111,14 @@@@ po_path="$PGPATH/postmaster" +if [ `$PGPATH/pg_id -u` -eq 0 ] +then + echo "$CMDNAME: cannot be run as root" 1>&2 + echo "Please log in (using, e.g., \"su\") as the (unprivileged) user that will" 1>&2 + echo "own the server process." 1>&2 + exit 1 +fi + wait= wait_seconds=60 logfile= @@@@ -238,6 +246,11 @@@@ wait=no fi +# Prevent duplicate of -D flags on each restart +if [ "$op" = "restart" ];then + PGDATAOPTS="" +fi + DEFPOSTOPTS=$PGDATA/postmaster.opts.default POSTOPTSFILE=$PGDATA/postmaster.opts PIDFILE=$PGDATA/postmaster.pid @ 1.1.10.1 log @fix security bugs @ text @a47 86 ----------------------------------------------------------------------------- Security Fixes: o Avoid using temp files in /tmp in make_oidjoins_check This has been reported as a security issue, though it's hardly worthy of concern since there is no reason for non-developers to use this script anyway. o Disallow running pg_ctl as root This is to guard against any possible security issues. Index: contrib/findoidjoins/make_oidjoins_check --- contrib/findoidjoins/make_oidjoins_check 2002-09-05 21:57:32 +0200 +++ contrib/findoidjoins/make_oidjoins_check 2004-10-21 19:12:19 +0200 @@@@ -10,27 +10,32 @@@@ # Caution: you may need to use GNU awk. AWK=${AWK:-awk} -trap "rm -f /tmp/$$ /tmp/$$a /tmp/$$b" 0 1 2 3 15 +INPUTFILE="tmp$$a" +DUPSFILE="tmp$$b" +NONDUPSFILE="tmp$$c" +rm -f $INPUTFILE $DUPSFILE $NONDUPSFILE + +trap "rm -f $INPUTFILE $DUPSFILE $NONDUPSFILE" 0 1 2 3 15 # Read input -cat "$@@" >/tmp/$$ +cat "$@@" >$INPUTFILE # Look for fields with multiple references. -cat /tmp/$$ | cut -d' ' -f2 | sort | uniq -d >/tmp/$$a -if [ -s /tmp/$$a ] ; then +cat $INPUTFILE | cut -d' ' -f2 | sort | uniq -d >$DUPSFILE +if [ -s $DUPSFILE ] ; then echo "Ignoring these fields that link to multiple tables:" 1>&2 - cat /tmp/$$a 1>&2 + cat $DUPSFILE 1>&2 fi # Get the non-multiply-referenced fields. -cat /tmp/$$ | while read LINE +cat $INPUTFILE | while read LINE do set -- $LINE - grep "^$2\$" /tmp/$$a >/dev/null 2>&1 || echo $LINE -done >/tmp/$$b + grep "^$2\$" $DUPSFILE >/dev/null 2>&1 || echo $LINE +done >$NONDUPSFILE # Generate the output. -cat /tmp/$$b | +cat $NONDUPSFILE | $AWK -F'[ \.]' '\ BEGIN \ { Index: src/bin/pg_ctl/pg_ctl.sh --- src/bin/pg_ctl/pg_ctl.sh 2003-08-14 20:56:41 +0200 +++ src/bin/pg_ctl/pg_ctl.sh 2004-10-22 02:24:27 +0200 @@@@ -111,6 +111,14 @@@@ po_path="$PGPATH/postmaster" +if [ `$PGPATH/pg_id -u` -eq 0 ] +then + echo "$CMDNAME: cannot be run as root" 1>&2 + echo "Please log in (using, e.g., \"su\") as the (unprivileged) user that will" 1>&2 + echo "own the server process." 1>&2 + exit 1 +fi + wait= wait_seconds=60 logfile= @@@@ -238,6 +246,11 @@@@ wait=no fi +# Prevent duplicate of -D flags on each restart +if [ "$op" = "restart" ];then + PGDATAOPTS="" +fi + DEFPOSTOPTS=$PGDATA/postmaster.opts.default POSTOPTSFILE=$PGDATA/postmaster.opts PIDFILE=$PGDATA/postmaster.pid @ 1.1.4.1 log @Security Bugfixes: CAN-2003-0901, OpenPKG-SA-2003.047-postgresql @ text @d1 2 a2 2 Security Bugfix for Buffer Overflows CAN-2003-0901, OpenPKG-SA-2003.047-postgresql d4 9 a12 20 Index: src/backend/utils/adt/ascii.c --- src/backend/utils/adt/ascii.c.orig 2002-08-29 09:22:26.000000000 +0200 +++ src/backend/utils/adt/ascii.c 2003-10-30 10:03:42.000000000 +0100 @@@@ -71,7 +71,7 @@@@ /* * Encode */ - for (x = src; x <= src_end; x++) + for (x = src; x < src_end; x++) { if (*x < 128) *desc++ = *x; @@@@ -93,7 +93,7 @@@@ { pg_to_ascii( (unsigned char *) VARDATA(data), /* src */ - VARDATA(data) + VARSIZE(data), /* src end */ + (unsigned char *) (data) + VARSIZE(data), /* src end */ (unsigned char *) VARDATA(data), /* desc */ enc); /* encoding */ d14 34 @ 1.1.2.1 log @mass Merge-From-CURRENT (MFC) in preparation for OpenPKG 1.3 [class BASE only] @ text @@